Security Centre

Phishing scams occur when fraudsters send emails pretending to be someone they’re not, so that they can trick you into revealing your personal information (i.e. usernames, passwords or PINs) or install malware on your device. These emails will often appear to come from a legitimate source and will prompt you to unknowingly click a malicious link or open an infected attachment. Phishing emails have become more sophisticated, with typos/grammatical errors no longer being the main warning sign. Don’t reply to the message or use any contact information it provides. If the message is claiming to be from Tangerine, contact us at phishing@tangerine.ca or call us at 1-888-826-4374.

Smishing is similar to phishing, except the messages are received by text message or SMS (Short Message Service) instead of email. Vishing (voice phishing) is another type of phishing but is conducted over the phone. Both types of scams will prompt you to provide personal information and will often have a high sense of urgency.

Hackers have become quite creative at finding ways to separate you from your personal information. Fraudulent emails and online ads that direct you to fake websites can appear scarily real. The problem is they’re designed to trick you out of your financial information such as credit card or bank account details. But by being cautious and alert, you can avoid being taken in. Look for the following:

• The website looks poorly designed and/or has broken links.
• You can’t find contact information.
• The website doesn’t outline clear sales, shipping and privacy policies.
• The back button is disabled - being stuck on a page without being able to go back is usually a red flag.
• You’re being asked for your credit card information before you make a purchase.

An increasing number of retailers and service providers require or encourage you to download their own app to do business with them. But just like websites, apps can be duplicated by fraudsters with the intent to steal your personal information. Watch for these tip-offs that the app could be a scam:

• The name of the app publisher is different from the retail app and/or the spelling is incorrect.
• The app doesn’t have user feedback or ratings.
• The app requires several permissions to install.
• The app has multiple pop up ads and/or keeps prompting you for your personal information.

Not sure that website or app is legit? Google the company and see what comes up in your search. Send an email or call the phone number listed to see if they’re really who they say they are.

In imposter scams, fraudsters will impersonate a trusted source, like the police, your bank, or in many cases, the Canada Revenue Agency (CRA), to convince you to send them money and/or your personal information. These scams happen year-round but spike during tax season when you might get a text, call or email claiming that you owe the government a tax payment or have a refund waiting for you. Pay attention to red flags, like if the call is coming from a strange number, and ignore requests from unknown sources asking for your personal and financial details. If you’re unsure, contact the CRA or institution they’re claiming to be directly.

Watch out for fake emails and text messages offering you the Federal Government’s new grocery rebate, a one-time payment to eligible Canadians meant to compensate for higher grocery prices due to inflation. If you get an email or text claiming to be from the CRA asking you to click a link to collect a grocery rebate, don’t respond and contact the CRA directly if you have questions. You can also learn about the eligibility for the rebate on the CRA website.

Ever see an offer online or receive an email with a product offering that sounds too good to be true? Then there’s a real chance that it is. Fraudsters pose as sellers offering items for an amazing price or with free shipping, but all they’re after is your money.

Credit and debit card fraud can happen at bank machines, ABMs and retailers virtually anywhere. Make sure whenever you're entering a PIN into a machine, you keep it private, and keep your eyes open for suspicious-looking devices attached to the machine so you don’t unknowingly help thieves gain access to your Account.

If a fraudster does manage to steal your personal information, their next move is to gain access to your online accounts. They can really do damage by making purchases, withdrawing your money or even changing the details of your account.

One way criminals try to scam you out of your user names and passwords is by creating a copy of a site’s login page. The fake version will look an awful lot like the real thing, so be extra aware when visiting sites before you enter your login details.